lammert

msg:4305163 | 3:20 am on Apr 28, 2011 (gmt 0) |
Hi RonD, first of all Welcome to WebmasterWorld! SSH has different authentication methods with username/password, certificates and keyboard interactive. It could be that the SSH client of server A is trying an authentication method which is not enabled on server B. A second option could be the /etc/hosts.allow file on server B. There could be some rules affecting SSH requests from remote servers.
|
dstiles

msg:4305597 | 8:18 pm on Apr 28, 2011 (gmt 0) |
Or a different port? I tried ssh a while ago on a brand new Windows server and got hundreds of hack attempts. I turned it off after an hour. If I ran it again I would change the port to obscure it. Could that be what's happened here?
|
RonD

msg:4305603 | 8:39 pm on Apr 28, 2011 (gmt 0) |
lammert - thank you for the welcome and information. I've checked the /etc/hosts.allow file on serverB & added serverA (didn't help). I have discovered (keep in mind, I've only been here 2 months and inherited this infrastructure) that serverA has both "authorizedkeys" and "known-hosts" files under ~/.ssh/. The "known-hosts" file has several entries in it, all indicating "ssh-rsa" and the key.

It's been over 10 years since I've done hands-on work with Unix/Linux, so I'm looking for some guidance on what to do. It's a bit confusing, at least to me, that the authorizedkeys would impact SSH as I'm able to ssh INTO the server from other systems not listed in the "known-hosts" file. The problem appears to be doing an ssh FROM serverA to another system. I've used scp from serverB to copy the 2 files from serverA - still no success.

dstiles - thank you for the suggestion, but I don't think that's the problem as I can ssh into both servers using Putty from my desktop just fine. The problem continues to be using ssh FROM serverA to another machine - almost like ssh isn't making it out.
|
lammert

msg:4305713 | 2:45 am on Apr 29, 2011 (gmt 0) |
> that serverA has both "authorizedkeys" and "known-hosts" files under ~/.ssh/. The "known-hosts" file has several entries in it, all indicating "ssh-rsa" and the key.

The known-hosts entries are those servers which you have had contact with SSH-ing from serverA to the outside world. You should check if the serverB is listed in the known-hosts file. If that is the case, both servers were able to talk with each other, they only couldn't agree on the authentication type. Most important are differences in the /etc/ssh/sshd_config files on the two servers. That file configures the SSH daemon which accepts incoming requests.
|
RonD

msg:4305842 | 12:35 pm on Apr 29, 2011 (gmt 0) |
Issue has been resolved. After thinking about what did work and what didn't work, I had our network monitoring team look at our firewall and it was blocking ssh requests coming from serverA. They put a rule in to allow ssh from serverA to serverB only and it's working now. Thank you all for your suggestions and recommendations.
|
lammert

msg:4305848 | 12:46 pm on Apr 29, 2011 (gmt 0) |
Glad to hear the issue is resolved!
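
An added example, not part of any post in this thread: a small shell helper that reads `ssh -v` output and reports which stage of an outbound connection failed, separating the firewall case that resolved this thread from the hosts.allow and authentication-method cases suggested earlier. The function names and sample logs are constructed for illustration (192.0.2.20 is a documentation address); the matched strings are standard OpenSSH client messages.

```shell
#!/bin/sh
# Added example (not from the thread): triage a failing outbound SSH attempt.

# Read `ssh -v` output on stdin and print one word naming the failing stage.
ssh_failure_stage() {
    log=$(cat)
    case "$log" in
        *"Connection timed out"*|*"No route to host"*)
            echo network ;;   # packets dropped in transit: firewall or routing
        *"Connection refused"*)
            echo refused ;;   # host reachable, nothing accepting on that port
        *"_exchange_identification:"*)
            echo wrapper ;;   # TCP opened, closed before the SSH banner
                              # (typical of a hosts.allow/hosts.deny rejection)
        *"Host key verification failed"*)
            echo hostkey ;;   # known_hosts entry does not match the server
        *"Permission denied"*)
            echo auth ;;      # network path is fine; no accepted auth method
        *"Authentication succeeded"*|*"Authenticated to "*)
            echo ok ;;
        *)
            echo unknown ;;
    esac
}

# Live probe. BatchMode suppresses password prompts and ConnectTimeout
# bounds the wait when a firewall silently drops the packets.
probe_ssh() {
    ssh -v -o BatchMode=yes -o ConnectTimeout=5 "$1" true 2>&1 | ssh_failure_stage
}

# True if this account has a host key stored for $1, i.e. an earlier
# outbound connection to that host got at least as far as key exchange.
contacted_before() {
    [ -n "$(ssh-keygen -F "$1" 2>/dev/null)" ]
}

# Constructed sample logs for the three causes discussed in the thread.
SAMPLE_FIREWALL='debug1: Connecting to serverB [192.0.2.20] port 22.
ssh: connect to host serverB port 22: Connection timed out'
SAMPLE_WRAPPER='debug1: Connection established.
ssh_exchange_identification: Connection closed by remote host'
SAMPLE_AUTH='debug1: Connection established.
debug1: Authentications that can continue: publickey,password
Permission denied (publickey,password).'
```

Running `probe_ssh serverB` from serverA returns `network` for a dropped connection like the one in this thread, while `auth` or `wrapper` points at sshd_config or /etc/hosts.allow on the receiving server instead.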